Data protection experts have urged the Nigeria Data Protection Commission (NDPC) to introduce mandatory training for judges and clarify its regulatory scope to strengthen the nation’s digital governance framework.
The call was made at the maiden Data Protection Summit and Annual General Meeting of the Association of Licensed Data Protection Companies of Nigeria (ALDAPCON) in Lagos.
The summit, themed “Strengthening Digital Trust: Advancing Nigeria’s Data Protection Landscape through Collaborations, Innovation and Compliance Excellence,” brought together regulators, consultants, and industry stakeholders to discuss emerging challenges in Nigeria’s data environment.
The experts also called on the NDPC to enforce accountability at all levels of government to safeguard the digital economy and attract foreign investment.
Delivering the keynote address, lawyer Mr. Val Obi emphasized the need for mandatory training for judicial officers and data protection practitioners. He said institutionalizing judicial training was a strategic imperative for the NDPC.
“The more judges know about this field, the better the quality of decisions they can deliver. Improved knowledge will significantly support the development of data protection jurisprudence,” Obi said.
He added that Data Protection Officers (DPOs) and Data Protection Compliance Organizations (DPCOs) should undergo mandatory training and certification to ensure strict compliance nationwide.
Obi further noted that the current regulatory scope requires clearer definitions, especially regarding cross-border data transfer rules, which he said leave businesses struggling to interpret their obligations. He also cited limited enforcement capacity as a major challenge for the NDPC in handling large-scale cases.
On accountability, Mr. Tokunbo Smith, President of the Data Knowledge Information Privacy Protection Initiative (DKIPPI), proposed that permanent secretaries should be held responsible for data breaches in Ministries, Departments and Agencies (MDAs).
He said permanent secretaries, being the chief accounting officers, would be compelled to ensure compliance and guide ministers appropriately.
“When permanent secretaries are held accountable and sanctioned for breaches, they, in turn, will ensure directors and officers comply. The fear of discipline, removal or suspension will be a strong deterrent,” Smith said.
Speaking on the role of DPCOs, ALDAPCON President, Dr. Ivan Anya, said members of the association serve as field operators responsible for training, consultancy and compliance services for organizations registered with the NDPC.
He said the annual summit aims to raise public awareness about the association’s role in Nigeria’s data protection compliance ecosystem.
Anya commended DPCOs for their contributions in supporting the implementation of Nigeria’s data protection law, adding that the summit reinforces collective hope for stronger safeguards for the privacy and security of Nigerian citizens.
In his remarks, the National Commissioner of the NDPC, Dr. Vincent Olatunji—represented by the Head of Strategy, Partnership and Communication, Abiola Jide-Abe—said the commission is not just a regulator but an enabler of trust, innovation and responsible digital growth.
He said the NDPC Act gives the Commission a strong foundation, but laws alone are insufficient without collective responsibility across government institutions, private-sector operators, technology developers and citizens.
“Data protection is not merely an administrative burden; it is a strategic investment in national security, economic integrity and individual dignity,” Olatunji said.
He added that the Commission will continue to strengthen enforcement, expand compliance capacity and deepen partnerships across all sectors. He emphasized the need for education, capacity building and a culture where privacy is embedded by design rather than treated as an afterthought.
